[Top] [All Lists]

Re: Way Forward

2000-08-01 14:12:17
Russ Housley <housley(_at_)spyrus(_dot_)com> writes:
The attack is probably impossible to mount using S/MIME against a 
human-operated mail agent; however, I am not convinced that a mail list 
agent (or other automated mail agent) would be immune.  Further, CMS is 
being used in many environments, not just S/MIME, and some of those 
environments may have issues.
Understood, but it's trivial to patch these S/MIME agents to
be completely immune to this attack without compromising compatibility.

OAEP have been available for years.  PKCS#1 v2.0 includes it.  I do not 
think that it is immature.
That's not the issue that I am concerned with. Rather, I'm concerned
with introducing gratuitous incompatibilities.


<Prev in Thread] Current Thread [Next in Thread>